Application for Payment Card Merchants

advertisement
APPLICATION FOR PAYMENT CARD MERCHANTS
To be completed by Departments that would like to accept payment cards (Visa, Master Card, American
Express, Discover cards and Debit cards) as a form of payment for goods and/or services, receipt of
donations, non-tuition courses, conferences, seminars, tickets and other approved University related
products.
Please read Payment Card Processing Policy prior to completing this application to make sure that your
Department will be able to comply with all the requirements listed on this University Policy.
Application must be submitted to the Controller’s Office, CSC 335. Once the application has been
approved, please allow at least four weeks for electronic terminals and eight weeks for web based setup
prior to the desired “live” date. The information provided on this application will be used to create an
“Information Profile” that will be submitted to our bank, American Express and Discover Business
Services to request merchant numbers.
For assistance or questions regarding this form, please contact Eva Ramirez at (305) 348-2547.
1. DEPARTMENT NAME: ______________________________________________________________
2. MERCHANT (LOCATION) NAME: FIU_________________________________________________
Note: The merchant (location) name will appear on your customer’s monthly statements and on the bank
statements sent to the Controller’s Office. It will always start with FIU (i.e., FIU Student Financials Office, FIU
College of Medicine, FIU SHOPUTS). Maximum number of characters is 24, including spaces.
3. INTERNET ADDRESS: ______________________________________________________________
Note: Internet address is ONLY required if accepting credit cards over the internet (online).
4. MERCHANT (LOCATION) ADDRESS: _________________________________________________
___________________________________________________________________________________
Note: Merchant address must include Building & Room number. Statements will be mailed to this address.
5. PRIMARY CONTACT: _____________________________ TITLE: ___________________________
6. TELEPHONE #: ____________________ ALTERNATE TELEPHONE #: ______________________
7. EMAIL ADDRESS: __________________________ FAX NUMBER: _________________________
Note: Primary contact will be responsible for the overall process of accepting payment cards at this location and
must be a full time employee. (OPS or College Work Study employees are not allowed).
8. DATE SUBMITTED: _______________________DESIRED “LIVE” DATE: ____________________
PCI DSS-001 Application for Payment Card Merchants Rev 3-16-2010
Page 1
9. TRANSACTION TYPE TO BE ACCEPTED (Mark with an X):
VISA ____ MASTER CARD ____
AMERICAN EXPRESS ____ DISCOVER ____ DEBIT ______
Note: FIU accepts ONLY these four types of credit cards. Debit cards will be processed the same as credit cards.
10. PROCESSING TYPE (Check the type of system currently being used or will be used):
POS (Point of Sale) Electronic Terminals ____
Internet (online) ____
Other _____
If other, describe in detail ______________________________________________________________
Current Third Party Vendor, if applicable ___________________________________ (Ex: Cybersource)
Note: If not using CyberSource Business Edition, Departments are responsible for submitting the
contract/agreement to our Legal Office and making sure that it is forwarded to Division of IT for approval prior to
purchasing any software.
11. ESTIMATED ANNUAL CREDIT CARD VOLUME:
Annual Dollar Amount $ _______________
Annual Number of transactions ______________
Average Dollar Amount of a Transaction: $ _____________
Note: If assistance with the “estimated annual credit card volume” is needed, please call 7-2662.
12. CHARGEBACK INFORMATION:
Mail “Chargebacks” to (Provide name, title, and address including building and room #)
Name ______________________________________
Title _____________________________
Address _________________________________________________________________________
Note: Chargebacks are created when a customer disputes a charge. If action is not taken by the merchant within
the time frame indicated on the letter, FIU will be charged by the payment card company. A journal entry must be
made by the merchant to record such chargeback. If assistance with Chargebacks is needed, please call General
Accounting at 7-2052.
13. ACCEPTANCE- POS (Point of Sale) Terminals:
If using owned equipment (include vendor or type) _______________________________________
Will you need equipment? If yes, select one from below
Terminal/Printer Combo Rental Fee (Dial up connection)
$20.00/month Qty __________
Terminal/Printer Combo Purchase (Dial up connection)
$275.00
Qty __________
Note: An analogue telephone or fax line must be available. If not available, please contact the UTS Help Desk at
7-2284 to request a price quote from Telecommunications.
14. ACCEPTANCE – INTERNET (ONLINE):
PCI DSS-001 Application for Payment Card Merchants Rev 3-16-2010
Page 2
Internet Software Vendor ______________________ (CyberSource Business Edition is recommended)
Integration and interface requirements, including any special configuration, implementation or conversion
needs (if applicable) __________________________________________________________________
Name of technical contact (required) _____________________________________________________
Email address ____________________________________________ Telephone #________________
Note: A Technical contact is required. Merchants accepting payment cards over the internet must post an “Internet
Privacy Policy” and a “Refund Policy” on their web site
15. USE:
What is the main purpose of this merchant account? (i.e., registration fees, tuition for non-credit courses,
tickets for events)
_____________________________________________________________________________
Note: Payment card information must NEVER be shared via email, voice message, or instant message. If
information is received by fax, it must be processed and shredded immediately.
16. PROCEDURES:
I agree to read and adhere to the procedures provided in the Payment Card Processing Policy.
17. REQUIREMENTS FOR ESTABLISHING A MERCHANT ACCOUNT:
Departments are responsible for completing the following forms:
a.
b.
c.
d.
e.
f.
Application for Payment Card Merchants
Background Check Request Form
Employee Statement of Understanding
Employee Change Form for Merchant Locations
Annual Merchant Questionnaire
Cancellation of Merchant Services
Departments are responsible for ensuring that employees who will be involved in payment card
processing, or have access to such sensitive data, have:
a. Reviewed the University’s Payment Card Processing Policy and become familiar with the
Payment Card Industry Data Security Standards (PCI DSS). To download the PCI DSS, go to
b. Cleared a background check before access to cardholder information is granted. (Department
supervisor should complete the “Background Check Request Form” and submit completed form
to Human Resources PC234).
c. Completed Red Flag Training. Please contact security@fiu.edu to register.
d. Obtained access to PeopleSoft. Please contact glmaint@fiu.edu.
e. Contacted General Accounting at 7-2050 to obtain the necessary role for payment card journals.
f. Completed training on how to create payment card journals. Please contact Julia Cancino.
PCI DSS-001 Application for Payment Card Merchants Rev 3-16-2010
Page 3
g. Completed payment card processing training, according to the selected “Approved Method of
Payment Card Processing”. The three different approved methods are listed below:
1. Point of Sale Terminal – Training conducted by our bank. Appointment is scheduled by the
merchant by calling 1-877-895-2614, option 4, once the equipment has been received. The
equipment training is conducted over the telephone.
2. Internet payment card application – Online training is available for Cybersource software.
Please visit www.cybersource.com/bankofamerica for any pre-sales support needs including
setting-up a test account, access to support documentation, online tutorials and recorded
demonstrations. Existing merchants with Customer Support needs may contact Cybersource
at 866-501-7958 or "Submit a Question" online at www.cybersource.com/help.
Note: If Cybersource Business Edition software is not selected, the contract/agreement with software vendor must
be reviewed by our Legal Office and Division of IT prior to purchasing the software and prior to submitting this
application to the Controller’s Office. Vendor should be on Visa’s “List of Validated Payment Applications”. Please
visit https://www.pcisecuritystandards.org/security_standards/vpa. Merchants will be responsible for visiting this
site prior to selecting software.
3. Hosted solution by third-party vendor – Must be PCI DSS compliant and approved by the
Division of Information Technology, please contact Donna Day at donna.day@fiu.edu,
Ext 7-3712. Merchant will be responsible for submitting a contract/agreement to our Legal
Office for approval. Merchant will also be responsible for coordinating training with vendor.
Note: If approved, the vendor will be required to provide a letter certifying compliance with the PCI DSS
regulations. Vendor should be on Visa’s “List of PCI DSS Compliant Service Providers”
http://usa.visa.com/download/merchants/cisp-list-of-pcidss-compliant-service-providers.pdf and /or Visa’s “List of
Validated Payment Applications” https://www.pcisecuritystandards.org/security_standards/vpa. Merchants will be
responsible for visiting these sites prior to selecting a vendor/software. The contract/agreement with third party
vendors must be reviewed by our Legal Office and Division of IT prior to submitting this application to the
Controller’s Office. Please attach a copy of the approved contract/agreement to this application.
18. CERTIFICATION:
I certify, to the best of my knowledge, that the information on this application and all related documents
are true and accurate. I certify that I have read and understood University Policy #1110.025, Payment
Card Processing, and that I have reviewed the related information contained therein. In addition, I
understand that this certification provides authority to purchase/rent equipment as selected below with a
charge to department ID___________________________.
___Terminal/Printer Combo Rental Fee (Dial) - $20/month
___Terminal/Printer Combo Purchase (Dial) - $275
___PIN Pad Rental Fee - $6/month
___PIN Pad Purchase - $80
I certify that all employees who process and handle payment cardholder information will have a
background check performed and will undergo required training. I certify that changes in payment card
PCI DSS-001 Application for Payment Card Merchants Rev 3-16-2010
Page 4
processing personnel will be submitted to the Controller’s Office via the Employee Change Form for
Merchant Locations.
Signature of Department Head or Director ________________________________________________
Printed Name _____________________________
Title _______________________________
Date ____________________________________
Telephone # ________________________
Signature of employee that completed this form ____________________________________________
Printed name _____________________________
Title _______________________________
Date ____________________________________
Telephone # ________________________
Once form has been completed and signed, please submit printed application with all related documents
to: Maria E. Alvarez, Administrative Assistant, Controller’s Office, CSC 335.
For assistance or questions, please contact Maria E. Alvarez at 7-2662 or alvarezm@fiu.edu. Thank you.
********************************************************************************************************************************************************************
Received by the Controller’s Office on _____________________________
Merchant (Location) Name _____________________________________________________________________________
Reviewed by __________________________________________________
( ) Approved
( ) Denied
Date ______________________________
Reason for denial _________________________________________________
Information Profile sent to bank by _________________________________
Date _______________________________
Merchant #’s assigned ___________________________/___________________________/___________________________
PCI DSS-001 Application for Payment Card Merchants Rev 3-16-2010
Page 5
Download